505
exclude
: Displays all lines that do not match the specified regular expression.
include
: Displays all lines that match the specified regular expression.
regular-expression
: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Usage guidelines
If you do not specify any parameter, the command displays information about all ACLs for all GMs,
including the downloaded ACLs and the locally configured ACLs. A locally configured ACL refers to
the ACL referenced by the GDOI IPsec policy.
Examples
# Display information about all ACLs for all GMs.
<Sysname> display gdoi gm acl
Group Name: abc
ACL Downloaded From KS 12.1.1.100:
rule 0 permit ip
rule 1 permit ip source 12.1.1.0 0.0.0.255 destination 12.1.1.0 0.0.0.255
ACL Configured Locally:
IPsec Policy Name: gdoi-group1
ACL Identifier: 3001
rule 0 deny ip source 10.1.1.0 0.0.0.255 destination 10.1.1.0 0.0.0.255
Group Name: 123
ACL Downloaded From KS 12.1.1.100:
rule 1 permit ip source 13.1.1.0 0.0.0.255 destination 13.1.2.0 0.0.0.255
# Display the ACL information that GMs downloaded from the KS.
<Sysname> display gdoi gm acl download
Group Name: abc
ACL Downloaded From KS 12.1.1.100:
rule 0 permit ip
rule 1 permit ip source 12.1.1.0 0.0.0.255 destination 12.1.1.0 0.0.0.255
# Display the ACL information locally configured on GMs.
<Sysname> display gdoi gm acl local
Group Name: abc
ACL Configured Locally:
IPsec Policy Name: gdoi-group1
ACL Identifier: 3001
rule 0 deny ip source 10.1.1.0 0.0.0.255 destination 10.1.1.0 0.0.0.255
Table 90 Command output
Field Description
Group Name
GDOI GM group name.
rule 0 permit ip
Indicates that IPsec protects any IP packets.
rule 1 permit ip source 12.1.1.0 0.0.0.255
destination 12.1.1.0 0.0.0.255
Indicates that IPsec protects IP packets whose source
and destination addresses are within subnet
12.1.1.0/24.